What is Conficker?

Adrem Siratt

Conficker is a computer worm that targeted the Microsoft® Windows® operating system. This worm was first detect in November 2008. It allows its creators to remotely control the user's computer. It is one of the most rapidly spreading worms in the history of the Internet.

Man holding computer
Man holding computer

There have been several different variants of the Conficker worm. The first variant was able to exploit a security vulnerability in Windows® 2000, Windows® XP, Windows® Vista, Windows® Server 2003, Windows® Server 2008, and a beta release of Windows® Server 2008 R2. Another variant allowed the worm to spread through computers' local area network (LAN) connections through network shares.

The French Navy computer network Intramar became infected with the Conficker worm. The French Navy quickly quarantined the affected systems. This downtime resulted in several grounded aircraft, as their flight plans were unable to be downloaded. Other countries, including the United Kingdom and Germany, reported that some government computers had been found to be infected with the Conficker worm.

As of 2010, this worm has been extremely difficult to eliminate, even though nearly all of the techniques employed by the worm have been used in the past or are well understood by researchers. The combination of techniques employed by the worm has resulted in its difficulty in being eliminated. It is also believed that the creators on this worm are monitoring the attempts made by security technicians and are releasing new variants to close the security vulnerabilities as they become known.

Microsoft® has offered a reward of $250,000 US Dollars (USD) for information that leads to the conviction of any individuals responsible for the creation, distribution, and/or maintenance of the Conficker worm. Many security agencies are dedicated to ensuring that the makers of this worm are brought to justice and that the damages caused by this worm are resolved.

Users who think their computer may have become infected with the Conficker worm should be on the lookout for some of the symptoms. The user may find that accounts on the computer are being locked out without the user's permission. Anti-virus websites or the Windows® Update service may also become unavailable to users whose computer have been infected. Any user who believes his computer may be infected should first run existing anti-virus software. If this does not resolve the issues, the user may have a computer technician work on the computer to determine if it has been infected.

You might also Like

Discussion Comments


It seems that virus creators are getting more and more devious. One scary thing about this virus is that is seems to mutate just like a biological virus to avoid being eradicated. Although it was first detected in almost three years ago it is still estimated to infect millions of PCs worldwide and there are five variants of this virus.

In addition to blocking access to certain sites this virus has also been configured to install programs that can steal your passwords or control your computer. Most home computers are protected from attack by a firewall, but if you have a laptop your laptop could be infected by some variants of Conflicker if you take it to work or school. Then it could generate an attack when you access your home network.

Another way this worm attacks is through an autorun file that executes when a removable USB device connects. One good piece of advice is to be sure your computer is updated with the latest security patches and the latest version of a good antivirus.

Post your comments
Forgot password?